/**
*
* @see \X509\AttributeCertificate\AttCertIssuer::identifiesPKC()
* @return bool
*/
public function identifiesPKC(Certificate $cert)
{
$name = $this->_issuerName->firstDN();
if (!$cert->tbsCertificate()->subject()->equals($name)) {
return false;
}
return true;
}
/**
*
* @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
* @return Sequence
*/
public function toASN1()
{
$elements = array();
if (isset($this->_roleAuthority)) {
$elements[] = new ImplicitlyTaggedType(0, $this->_roleAuthority->toASN1());
}
$elements[] = new ExplicitlyTaggedType(1, $this->_roleName->toASN1());
return new Sequence(...$elements);
}
/**
* Initialize from TaggedType.
*
* @param TaggedType $el
* @throws \UnexpectedValueException
* @return self
*/
public static function fromTaggedType(TaggedType $el)
{
switch ($el->tag()) {
case self::TAG_FULL_NAME:
return new FullName(GeneralNames::fromASN1($el->asImplicit(Element::TYPE_SEQUENCE)->asSequence()));
case self::TAG_RDN:
return new RelativeName(RDN::fromASN1($el->asImplicit(Element::TYPE_SET)->asSet()));
default:
throw new \UnexpectedValueException("DistributionPointName tag " . $el->tag() . " not supported.");
}
}
/**
*
* @see \X501\ASN1\AttributeValue\AttributeValue::toASN1()
* @return Sequence
*/
public function toASN1()
{
$elements = array();
if (isset($this->_policyAuthority)) {
$elements[] = new ImplicitlyTaggedType(0, $this->_policyAuthority->toASN1());
}
$values = array_map(function (IetfAttrValue $val) {
return $val->toASN1();
}, $this->_values);
$elements[] = new Sequence(...$values);
return new Sequence(...$elements);
}
/**
* Check whether this IssuerSerial identifies given certificate.
*
* @param Certificate $cert
* @return boolean
*/
public function identifiesPKC(Certificate $cert)
{
$tbs = $cert->tbsCertificate();
if (!$tbs->issuer()->equals($this->_issuer->firstDN())) {
return false;
}
if (strval($tbs->serialNumber()) != strval($this->_serial)) {
return false;
}
if ($this->_issuerUID && !$this->_checkUniqueID($cert)) {
return false;
}
return true;
}
/**
* Generate ASN.1 structure.
*
* @return Sequence
*/
public function toASN1()
{
$elements = array();
if (isset($this->_distributionPoint)) {
$elements[] = new ExplicitlyTaggedType(0, $this->_distributionPoint->toASN1());
}
if (isset($this->_reasons)) {
$elements[] = new ImplicitlyTaggedType(1, $this->_reasons->toASN1());
}
if (isset($this->_issuer)) {
$elements[] = new ImplicitlyTaggedType(2, $this->_issuer->toASN1());
}
return new Sequence(...$elements);
}
protected function _valueASN1()
{
$elements = array();
if (isset($this->_keyIdentifier)) {
$elements[] = new ImplicitlyTaggedType(0, new OctetString($this->_keyIdentifier));
}
// if either issuer or serial is set, both must be set
if (isset($this->_authorityCertIssuer) || isset($this->_authorityCertSerialNumber)) {
if (!isset($this->_authorityCertIssuer, $this->_authorityCertSerialNumber)) {
throw new \LogicException("AuthorityKeyIdentifier must have both" . " authorityCertIssuer and authorityCertSerialNumber" . " present or both absent.");
}
$elements[] = new ImplicitlyTaggedType(1, $this->_authorityCertIssuer->toASN1());
$elements[] = new ImplicitlyTaggedType(2, new Integer($this->_authorityCertSerialNumber));
}
return new Sequence(...$elements);
}
protected function _valueASN1()
{
return $this->_names->toASN1();
}
/**
* Check whether any of the subject alternative names match entityName.
*
* @param GeneralNames $san
* @return boolean
*/
private function _checkEntityAlternativeNames(GeneralNames $san)
{
// only directory names supported for now
$name = $this->_entityName->firstDN();
foreach ($san->allOf(GeneralName::TAG_DIRECTORY_NAME) as $dn) {
if ($dn instanceof DirectoryName && $dn->dn()->equals($name)) {
return true;
}
}
return false;
}
